<?php


namespace app\admin\middleware;

use app\admin\exception\AdminException;
use app\admin\service\Auth;
use DI\Annotation\Inject;
use support\annotation\NoNeedRight;
use Webman\Http\Response;
use Webman\MiddlewareInterface;

class CheckAuth implements MiddlewareInterface
{
    use GetAnnotaion;
    /**
     * @var Auth
     * @Inject()
     */
    protected $service = null;

    public function process($request, callable $next): Response
    {
        if ($this->getHasAnnotation($request, NoNeedRight::class)) {
            return $next($request);
        }
        if ($this->service->can($request->path())){
            return $next($request);
        }
        throw new AdminException("无权限", 403);
    }

}
